Software piracy is an enormous drain on the global economy according to the Software Piracy Report. The report estimates worldwide losses in 2000 due to software piracy of at least $12 billion. Software piracy also has a significant impact on the high-tech industry, resulting in lost jobs, decreased innovation, and higher costs to consumers.
To combat software piracy, various licensing verification/activation have been developed. Such products commonly require software to be activated during or after installation on a target device. Product activation works by validating that the software's installation key, required as part of installation, has not been used in excess of licensing restrictions. In one product, the installation key is a function of three components. One component is a product ID generated from static hardware information, such as Display Adapter, SCSI Adapter, IDE Adapter, Network Adapter, MAC address, RAM amount range (i.e., 0-64 mb, 64-128 mb, etc.), processor-type, processor serial number, hard drive device, and hard drive volume serial number. The second component is a hardware hash generated from the device's hardware configuration. The third component is a product key. A hash algorithm is used to determine the hardware ID. The hardware hash is a non-unique number generated from one or more static identifiers during activation. The product key is sent along with the hardware hash to an activation server maintained by a vendor. Activation is completed either directly via the Internet or by a telephone call to customer service representative. Application products go into reduced functionality mode if the user does not activate before the end of the grace period. Activation discourages piracy by limiting the number of times a product key can be activated on different devices.
The use of static identifiers is subject to piracy by “spoofing”. For example, if the static identifier is a MAC address a software pirate can change the MAC address of his device programmatically or through hardware settings. Thus, the pirate can reuse the software on different devices altered to have the same MAC address.